lotl
Here are 13 public repositories matching this topic...
Living Off The Land (LOTL) persistent Reverse shell
Updated Jan 14, 2024 - HTML
BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self assessment.
Updated Jul 6, 2025 - AutoIt
Kernel R&D | SysWhispers & HellsGate Successor, fully modular Indirect & Direct Syscall Framework - EDR/AV/AC Capability Platform
Updated Feb 22, 2026 - Rust
Advanced Living Off the Land (LotL) tactics, tools, and abuse techniques for red teams, defenders, and cyber researchers. Stealth over payload.
Updated Aug 18, 2025
LotL-Watcher is a lightweight security monitoring tool designed to detect and mitigate "Living-off-the-Land" attacks. Instead of relying on traditional file signatures, this tool monitors the behavior of trusted Windows binaries (like certutil, powershell, wmic, mshta).
Updated Feb 3, 2026 - C#
Certificates repository from https://webgate.ec.europa.eu/tl-browser generated by node-tl-browse using Azure Devops
Updated Jul 22, 2021
POC framework for detecting LOLBin abuse in Sysmon logs using Splunk SPL. Implements 12 layered checks (signature matching, parent-child anomalies, threat intel, statistical baselines) with risk scoring for automated alert prioritization. Supports standalone Splunk or distributed n8n architecture.
Updated Dec 2, 2025 - Python
Source code for a deprecated "LOTL file transfer technique" which would utilize the Windows BITS subsystem
Updated Sep 19, 2024 - C
Workshop at Red Team Space, Ekoparty 2023
Updated Sep 14, 2024
🛡️ Detect and prevent Living-off-the-Land attacks with advanced kernel-level visibility and a high-performance .NET platform for enhanced system security.
Updated Feb 23, 2026 - C#